package org.grayrabbit.cms.security;

import java.util.Collection;
import java.util.List;
import java.util.Map;

import org.apache.commons.lang.StringUtils;
import org.grayrabbit.cms.constant.ConstantOperCode;
import org.grayrabbit.cms.vo.system.OperCodeCheckBean;


public class ActionPermission implements PermissionChecker{
 
	public boolean check(SecurityUser user, Object targetObj,String targetType,
			Map<String, Object> params, List<OperCodeCheckBean> list) {
		String uri = (String) targetObj;
		String code = PermissionHelper.get(uri);		
		if(!PermissionHelper.exist(uri) && user==null)
			return false;
		if(StringUtils.isNotBlank(code)){			
			code = code.trim();		
			if("pass".equalsIgnoreCase(code))
				return true;
			if(user==null)
				return false;
			if(isSuperAdmin(user))
				return true;
			if("login".equalsIgnoreCase(code))
				return true; 
		}			 
		Collection<String> permisses = user.getPerssmins();	 
		//TODO 暂时统一使用一个验证
		if(PermissionChecker.USER_TYPE_ADMIN.equalsIgnoreCase(user.getUserType())){			
			cmsAdminCheck(permisses, params, list);
			return true; 
		}else if(PermissionChecker.USER_TYPE_USER.equalsIgnoreCase(user.getUserType())){
			return true; 
		}else if(PermissionChecker.USER_TYPE_ESP_ADMIN.equalsIgnoreCase(user.getUserType())){
			return true; 
		}
		return false;
	}
	
	public boolean isActivation(Object targetObj, String targetType) {
		String uri = (String) targetObj;
		String code = PermissionHelper.get(uri); //activation
		if(!PermissionHelper.exist(uri)) {
			return false;
		}
		if(StringUtils.isNotBlank(code)) {
			code = code.trim();
			if("activation".equalsIgnoreCase(code)) {
				return true;
			}
		}
		return false;
	}
	/**超级管理员*/
	private boolean isSuperAdmin(SecurityUser user){
		return "admin".equalsIgnoreCase(user.getUserName());
	}
 
 
	private static final String GOBLE_TARGETID="-authority";
	private boolean cmsAdminCheck(Collection<String> permisses,Map<String, Object> params, 
			List<OperCodeCheckBean> list){
		if(list==null){
			return true;
		}
			
	 
		for(OperCodeCheckBean bean :list){			
			if(StringUtils.isNotBlank(bean.getOperKey())){
				Object value = params.get(bean.getOperKey());
				Object obj = null;
				if(value != null) 	obj = ((Object[])value)[0];
				if(!bean.getOperValue().equals(obj)) continue;					
			}
			if(bean.getOperType().equals(ConstantOperCode.AUTH_GOBLE_TYPE)){
				if(StringUtils.isNotBlank(bean.getParamKey())){
					Object p_value = params.get(bean.getParamKey());
					if(p_value==null  || StringUtils.isBlank(bean.getParamValue())) continue; 					 
					String targetId = ((String[])p_value)[0];
					if(!bean.getParamValue().equals(targetId)) continue;
					return permisses.contains(bean.getOperCode()+GOBLE_TARGETID);
				}				
			}else{			
				if(StringUtils.isNotBlank(bean.getParamKey())){
					Object p_value = params.get(bean.getParamKey());
					if(p_value==null  || StringUtils.isBlank(bean.getParamValue())) continue; 					 
					String targetId = ((String[])p_value)[0];
					if(!bean.getParamValue().equals(targetId)) continue;
					return permisses.contains(bean.getOperCode()+"-"+targetId);
				}
			} 
		}		
		return false;
	}
 }
